
How does the new Stagefright exploit Metaphor conduct an ASLR bypass?

A new proof of concept Stagefright exploit called Metaphor has been made public by cybersecurity firm NorthBit, which is based in Israel. The big news is that Metaphor uses an address space layout randomization (ASLR) bypass to affect potentially hundreds of millions of Android devices. What is an ASLR bypass, and how much more serious is this new Stagefright exploit?

Android patching has been problematic since Android was first introduced because of its fragmented hardware and software ecosystem. Apple doesn’t have the same challenge that Google faces in ensuring Android devices have the most current patches, because Apple controls the hardware, software and patching process of its devices. Google has to juggle many different open source projects in Android, including Linux and other supporting libraries and software. This makes it difficult to patch vulnerable Android devices against the Stagefright exploit. Google is making changes to how Android is patched, but there is still a significant installed base that will not get the patches or other security improvements.

The Metaphor proof of concept increases the risk of Android users experiencing a potential Stagefright exploit on their devices, but Android’s fragmented ecosystem will make widespread attacks difficult. Metaphor uses an ASLR bypass, defeating the operating system mechanism that randomizes the location where system executables and libraries are loaded into memory. It predicts these locations and then performs buffer-overflow attacks against the now-known addresses.

Metaphor provides a framework for developing targeted exploits, but it still requires critical information about the specific device, such as gadget offsets or predictable addresses. The exploit authors provide a table of some of these values. Also, few smartphones expose the vulnerable Mediaserver functionality to the network, so a traditional network worm is unlikely, but many smartphone users render SMS messages, webpages and email automatically. Metaphor could therefore be used in targeted attacks, so an endpoint security tool that analyzes incoming messages and blocks malicious ones may provide additional protection.
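The bypass described above only works when a library's load address can be predicted, so a useful device-side check is whether the same library actually lands at different addresses from run to run. The script below is an added example written for this page, not code from NorthBit or the original article; it assumes the Linux-style `/proc/<pid>/maps` format that Android also uses, and the two sets of map snapshots are constructed sample data.

```python
import re
import subprocess
from collections import defaultdict

# One /proc/<pid>/maps line: start-end perms offset dev inode path
MAPS_LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+\s+\S+\s+[0-9a-f]+\s+\S+\s+\d+\s+(\S+)$")

# Constructed snapshots: the same library from two separate runs of a process.
# RANDOMIZED_RUNS moves between runs (ASLR effective); FIXED_RUNS does not.
RANDOMIZED_RUNS = [
    "7f1a2c000000-7f1a2c1c0000 r-xp 00000000 08:01 1234 /lib/libc.so\n"
    "7f1a2c1c0000-7f1a2c1c8000 r--p 001c0000 08:01 1234 /lib/libc.so\n",
    "7f9b40000000-7f9b401c0000 r-xp 00000000 08:01 1234 /lib/libc.so\n"
    "7f9b401c0000-7f9b401c8000 r--p 001c0000 08:01 1234 /lib/libc.so\n",
]
FIXED_RUNS = [RANDOMIZED_RUNS[0], RANDOMIZED_RUNS[0]]


def library_bases(maps_text):
    """Return {path: lowest mapped address} for every file-backed mapping."""
    bases = {}
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m or not m.group(2).startswith("/"):
            continue  # skip [heap], [stack], [vdso] and anonymous mappings
        start, path = int(m.group(1), 16), m.group(2)
        bases[path] = min(bases.get(path, start), start)
    return bases


def randomization_report(snapshots):
    """Count distinct base addresses per library across snapshots.

    A library that keeps a single base over many runs is loaded at a
    predictable address, which is exactly what an ASLR bypass relies on."""
    seen = defaultdict(set)
    for text in snapshots:
        for path, base in library_bases(text).items():
            seen[path].add(base)
    return {path: len(addrs) for path, addrs in seen.items()}


def live_snapshots(runs=5):
    """Spawn the same binary several times and capture its own maps (Linux/Android)."""
    return [subprocess.run(["cat", "/proc/self/maps"], capture_output=True,
                           text=True, check=True).stdout for _ in range(runs)]


if __name__ == "__main__":
    runs = 5
    for path, n in sorted(randomization_report(live_snapshots(runs)).items()):
        print(f"{n} distinct base(s) over {runs} runs: {path}")
```

On a device with working ASLR every listed library should show several distinct bases; a count of 1 over repeated runs means that library is loaded predictably and deserves attention.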
